
Security Q&A on Quora

We share our own experience on Security events with Quora users

Made with ♥ by Synergy USA llc
TABLE OF CONTENTS

Intro

1 Why do big organizations keep getting hacked and having their data leaked? What does it achieve?

2 Can ransomware and worms be used to hack ships? Are they specifically designed for that purpose?

3 What is it like to be attacked by ransomware? How can I protect my PC from an attack like this?

4 Which industries are the main target for ransomware attacks?

5 Are digital documents currently more secure than physical ones? How about in the future?

Intro

-------------------

Synergy USA llc on Quora

Synergy USA llc have been active on Quora since late 2017. We share our own experience on Security events with Quora users.

Chapter one
-------------------

Why do big organizations keep getting hacked and
having their data leaked? What does it achieve?

I hacked a University by mistake without even being a hacker.

Like every other person I start my day with a cup of coffee while going online to read the
news on an online newspaper. That day on the top of the page there was a banner
advertising a seminar hosted by a specific University.

However next to the banner there was an error shown, including an IP address and the
name of the database. It was MySQL.

At that time (around 2005) I was developing a PHP application that was relying on a
MySQL database to store tables of information. There was a nice free application that
would let you manage the database called MySQL Workbench.

Without further thinking, I opened MySQL Workbench and typed the IP shown on the
banner.

I was asked for a user name and a password. I typed the default user name which was root
and left the password blank.

Simple as that. I was able to browse all tables of the database. Information regarding
tutors, courses, internal documents etc. There was even one table that had unencrypted
passwords of third party email accounts.

I didn’t know what to do!

I asked myself: is it possible for an administrator to be that stupid?

In this case the answer is yes!

I closed the database connection. I did not change any data or keep any copy of the
information.

Nowadays MySQL has safeguards that would not let that happen, even if an administrator
is careless.

It’s the human factor that leaves the door open to the hackers.

As for the hackers, their motivation can be political, recognition among friends or just
money-money-money.

You can never be 100% protected online. But you can make a hacker’s life hard.

Eventually they will leave you for an easier target. Be prepared in advance!
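
The root account with a blank password described above is something a database owner can check for. The following is an added example, not part of the original answer and not Synergy USA llc's code: a Python audit of account rows shaped like the user, host, plugin and authentication_string columns of mysql.user in MySQL 5.7 and later. The sample rows and the function name are constructed for illustration.

```python
# Added example: flag risky accounts in rows exported from mysql.user, e.g.
#   SELECT user, host, plugin, authentication_string FROM mysql.user;
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}
# These plugins authenticate through the local OS socket, not a stored hash,
# so an empty authentication_string is expected for them.
SOCKET_PLUGINS = {"auth_socket", "unix_socket"}


def audit_accounts(rows):
    """Return (account, finding) tuples for accounts that need attention."""
    findings = []
    for row in rows:
        account = f"{row['user'] or '<anonymous>'}@{row['host']}"
        remote = row["host"] not in LOCAL_HOSTS
        no_password = (row["authentication_string"] == ""
                       and row["plugin"] not in SOCKET_PLUGINS)
        if row["user"] == "":
            findings.append((account, "anonymous account"))
        if no_password:
            detail = "empty password, reachable remotely" if remote else "empty password"
            findings.append((account, detail))
        if row["user"] == "root" and remote:
            findings.append((account, "root allowed from non-local host"))
    return findings


# Constructed sample rows (not taken from any real server).
SAMPLE_ROWS = [
    {"user": "root", "host": "%", "plugin": "mysql_native_password",
     "authentication_string": ""},
    {"user": "root", "host": "localhost", "plugin": "auth_socket",
     "authentication_string": ""},
    {"user": "app", "host": "10.0.0.%", "plugin": "caching_sha2_password",
     "authentication_string": "$A$005$CONSTRUCTED-PLACEHOLDER-HASH"},
    {"user": "", "host": "localhost", "plugin": "mysql_native_password",
     "authentication_string": ""},
]

if __name__ == "__main__":
    for account, finding in audit_accounts(SAMPLE_ROWS):
        print(f"{account}: {finding}")
```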

Chapter two
-------------------

Can ransomware and worms be used to hack ships?
Are they specifically designed for that purpose?

Nowadays ships have local area networks in order to share documents and send emails.
On the vessel there are also servers which host special maritime software. There are two
ways for a virus to reach a ship. The first way to get infected is via email. Fortunately,
satellite providers that deliver emails do perform various scans, but there might be a
loophole somewhere. The second way is via infected USB sticks or laptops. The crew
have their own personal laptops, which may connect to the local network or share files
with each other using a USB stick. Even a surveyor visiting the ship may have an
infected USB stick.

It’s still difficult and too expensive to connect remotely to a ship and update antivirus
software or set policies. A ship can run on a tight schedule with minimum time in port,
making it impossible for an IT engineer to visit her and clean or check PCs that have been
infected.

Satellites have a specific bandwidth that provides internet to the ship over specific
regions (similar to the limitations of a mobile/cellular antenna), or a ship can be in a
shipyard and have interference from metal structures blocking internet access.

Other times it’s difficult to communicate in English with the crew, as their language skills
are at a very basic standard.

We (as providers of services and software to maritime companies) had to come up with
different approaches to solving this problem. We install antivirus software that can be
updated offline using a CD. We also prefer to set up Linux workstations that connect to a
central location via RDP on a server, thus minimizing risks and making control and
backup easier. In some cases we even removed USB ports wherever possible or
installed USB lock devices.

So far we haven’t had many cases of infections that could not be handled one way or
another.

Fortunately no specific targeted ransomware case.

Shipping companies’ offices, however, are specifically targeted via ransomware and fake
payment emails via their suppliers. We had cases with clients being victims of cyber
criminals pretending to be a vendor/supplier, sending fake banking details and managing
to get real money out of their accounting departments.

So far no targeted attack on a ship, but we believe it’s a matter of time…

Cyber criminals are one step ahead of us IT engineers. It’s a billion USD business per
year. So they will find a way to get through.

Training is the best remedy. Keep your crew educated with written instructions or video
presentations on how to protect themselves.

Chapter three
-------------------

What is it like to be attacked by ransomware?
How can I protect my PC from an attack like this?

When ransomware infects your PC, it encrypts all your documents, pictures etc. and
asks you for a ransom. You will have to purchase a cryptocoin to pay the criminals, and if
you are lucky enough there is a chance to get your files back decrypted.

There are also free tools that can be used to decrypt files, but again luck is the main
factor (someone posting a solution with the correct decryption keys that is applicable in
your case).

What does Ransomware look like?


Here is an example of an email containing a Ransomware:

They mostly come via email, but you might download and run one by opening a link on a
website. Be prepared and informed. You can purchase various tools, but the most
important thing is to know what not to do when receiving emails or browsing on the
Internet.

Chapter four
-------------------

Which industries are the main target for
ransomware attacks?

All industries are targets; please see below for some examples:

An average user can be tricked. Sometimes even power users can be tricked due to the
load of incoming emails.

The following examples are specifically targeted to the maritime industry. If you are an IT
engineer you can spot they are fake, but a person working in an office will consider them
legit and open the attachments.

Chapter five
-------------------

Are digital documents currently more secure than
physical ones? How about in the future?

I prefer to answer by sharing my personal experience. I believe it makes it more appealing
to the reader.

I own an e-ink reader: an amazing device that keeps hundreds of articles, has a long battery life etc.
Last month my local library started sharing books online. I enrolled and also opened an
account with a third party that protects the eBooks from copying.
It’s called Digital Rights Management. The library allows you to “own” the book for a
specific number of days. After the end of that period it expires and you cannot read it. It’s
enough time, though, to read the eBook.

I decided to see how long it would take me to remove the protection from the eBook. I
knew that it was possible but had never done it myself.
So I downloaded free eBook management software on my Mac, did some quick research
and found an extension for this software that claimed to remove the DRM.
All I had to do was to drag and drop the file on that software.
The book was mine to keep. So much for the DRM, I thought. (It took me less than an
hour.)
I am still thinking about whether to share that with my local library or not.

A client of ours wanted to know if they could remove the password from a document
(that was in a portable format) and change its content. We replied that it would be
difficult to do and could destroy the format (to discourage them). However, at the end
of the day they came back with the solution by themselves. They downloaded free
software and removed the password. The document was an invoice; they wanted to
increase the expense amount.

As for encrypted documents, as of 2019 and depending on the algorithm used, they are
protected up to a point. Secret services will find a way to decrypt any document.

Personally I do not believe that digital documents are more secure than physical
ones. But we cannot do otherwise.

I just remembered a case back in the MS-DOS era, about a company where the
computer having the accounting software system was not even connected to the LAN. It
was locked inside a room and only a designated person was updating it under a strict
policy. It looks like the optimum protection on one hand but on the other imagine how
little information could be exchanged among departments.

As for what I have seen with my own eyes, I once developed an application for an
organization that was collecting information. They had two networks: one for the internet
and one for their database system. There was no physical connection between the two
networks. I guess you can understand why.

Wouldn’t it be nice to embed metadata in a biological or quantum state inside a
document?

Disclaimer: We are against stealing other people’s intellectual property. In the
end no one will be creating any content at all.

SIGN UP FOR MORE FREEBIES
Synergy USA llc
